priv

Author: Npeca75

.docker/Dockerfile

@@ -0,0 +1,54 @@
+FROM npeca75/php:84
+
+# ==> Download packages
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get -y update \
+ && apt-get install --no-install-recommends -y acl curl fping graphviz imagemagick mariadb-client mtr-tiny nginx-full nmap sudo snmp snmpd snmptrapd rsyslog tini \
+ rrdtool rrdcached memcached whois unzip dialog mc iputils-ping net-tools cron locales mailutils git ipmitool \
+ python3-pip python3-memcache python3.11-venv \
+ && curl -sSL https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer \
+ && apt-get clean && apt-get autoclean && apt-get autoremove --purge && update-locale
+
+# COPY . /tmp/
+
+# ===> SYSTEM
+RUN mkdir -p /tmp/librenms \
+ && mkdir -p /config \
+ && mkdir -p /etc/bash_completion.d \
+ && mkdir -p /root/.ssh \
+ && cd /tmp/librenms \
+ && git clone --branch priv https://github.com/Npeca75/librenms.git . \
+ && rm -rf .git .github html/plugins/Test html/plugins/Weathermap doc/* tests/* /tmp/*.patch \
+ && mv -f /tmp/librenms /opt/ \
+ && mkdir -p /opt/librenms/.config/pip \
+ && printf "[global]\nbreak-system-packages = true" > /opt/librenms/.config/pip/pip.conf \
+ && printf "export PATH=\"$HOME/.local/bin:$PATH\"" > /opt/librenms/.bashrc \
+ && printf "export PATH=\"$HOME/.local/bin:$PATH\"" > /opt/librenms/.bash_profile \
+ && useradd librenms -d /opt/librenms -M -s /bin/bash \
+ && usermod -a -G librenms www-data \
+ && chown -R librenms:librenms /opt/librenms \
+ && chmod 771 /opt/librenms \
+ && sudo -u librenms ./scripts/composer_wrapper.php install --no-dev \
+ && sudo -u librenms pip3 install --user -r requirements.txt --break-system-packages \
+ && setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ \
+ && setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
+
+# ===> ENV Block
+ENV APP_URL=/ \
+ DB_HOST=0.0.2.18 \
+ DB_PORT=3306 \
+ DB_DATABASE=dockernms \
+ DB_USERNAME=dockernms \
+ DB_PASSWORD=dockernms \
+ LIBRENMS_USER=librenms \
+ APP_KEY=base64:6CaJpkZHwn6asygA4XYFUPVx2WceJilUErR+EnWCnnw= \
+ NODE_ID=61ec37deb7b95 \
+ DEF_IP=169.254.255.254 \
+ HTPASSWD=Monitoring:{SHA}y9YdYTU/SdxKN53tgn311TxPJ28= \
+ NMS_ROLE=poller
+
+VOLUME /config
+MAINTAINER Peca Nesovanovic <[email protected]>
+ EXPOSE 162/tcp 162/udp 514/tcp 514/udp 18000/tcp
+ENTRYPOINT ["tini", "--"]
+CMD ["/opt/librenms/.docker/startup.sh"]

.docker/config/Dockerfile

@@ -0,0 +1,60 @@
+FROM npeca75/php:84
+
+# ==> Download packages
+ARG DEBIAN_FRONTEND=noninteractive
+RUN apt-get -y update \
+ && apt-get install --no-install-recommends -y acl curl fping graphviz imagemagick mariadb-client mtr-tiny nginx-full nmap sudo snmp snmpd snmptrapd rsyslog tini \
+ rrdtool rrdcached memcached whois unzip dialog mc iputils-ping net-tools cron locales mailutils git ipmitool \
+ python3-pip python3-memcache python3.11-venv \
+ && curl -sSL https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer \
+ && apt-get clean && apt-get autoclean && apt-get autoremove --purge && update-locale
+
+COPY . /tmp/
+
+# ===> SYSTEM
+RUN mkdir -p /tmp/librenms \
+ && mkdir -p /config \
+ && mkdir -p /etc/bash_completion.d \
+ && mkdir -p /root/.ssh \
+ && cd /tmp/librenms \
+ && git clone --depth=1 https://github.com/librenms/librenms.git . \
+ && echo "----- patch 0 -----" \
+ && git apply /tmp/0.patch \
+ && echo "----- patch 1 -----" \
+ && git apply /tmp/1.patch \
+ && echo "----- patch end -----" \
+ && mv -f /tmp/.docker /tmp/librenms/.docker \
+ && rm -rf .git .github html/plugins/Test html/plugins/Weathermap doc/* tests/* /tmp/*.patch \
+ && mv -f /tmp/librenms /opt/ \
+ && mkdir -p /opt/librenms/.config/pip \
+ && printf "[global]\nbreak-system-packages = true" > /opt/librenms/.config/pip/pip.conf \
+ && printf "export PATH=\"$HOME/.local/bin:$PATH\"" > /opt/librenms/.bashrc \
+ && printf "export PATH=\"$HOME/.local/bin:$PATH\"" > /opt/librenms/.bash_profile \
+ && useradd librenms -d /opt/librenms -M -s /bin/bash \
+ && usermod -a -G librenms www-data \
+ && chown -R librenms:librenms /opt/librenms \
+ && chmod 771 /opt/librenms \
+ && sudo -u librenms ./scripts/composer_wrapper.php install --no-dev \
+ && sudo -u librenms pip3 install --user -r requirements.txt --break-system-packages \
+ && setfacl -d -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/ \
+ && setfacl -R -m g::rwx /opt/librenms/rrd /opt/librenms/logs /opt/librenms/bootstrap/cache/ /opt/librenms/storage/
+
+# ===> ENV Block
+ENV APP_URL=/ \
+ DB_HOST=0.0.2.18 \
+ DB_PORT=3306 \
+ DB_DATABASE=dockernms \
+ DB_USERNAME=dockernms \
+ DB_PASSWORD=dockernms \
+ LIBRENMS_USER=librenms \
+ APP_KEY=base64:6CaJpkZHwn6asygA4XYFUPVx2WceJilUErR+EnWCnnw= \
+ NODE_ID=61ec37deb7b95 \
+ DEF_IP=169.254.255.254 \
+ HTPASSWD=Monitoring:{SHA}y9YdYTU/SdxKN53tgn311TxPJ28= \
+ NMS_ROLE=poller
+
+VOLUME /config
+MAINTAINER Peca Nesovanovic <[email protected]>
+ EXPOSE 162/tcp 162/udp 514/tcp 514/udp 18000/tcp
+ENTRYPOINT ["tini", "--"]
+CMD ["/opt/librenms/.docker/startup.sh"]

.docker/config/librenms.cron

@@ -0,0 +1,11 @@
+# Using this cron file requires an additional user on your system, please see install docs.
+
+33   */6  * * *   librenms    /opt/librenms/cronic /opt/librenms/discovery-wrapper.py 1
+*/5  *    * * *   librenms    /opt/librenms/discovery.php -h new >> /dev/null 2>&1
+*/5  *    * * *   librenms    /opt/librenms/cronic /opt/librenms/poller-wrapper.py 10
+*    *    * * *   librenms    /opt/librenms/alerts.php >> /dev/null 2>&1
+*/5  *    * * *   librenms    /opt/librenms/poll-billing.php >> /dev/null 2>&1
+01   *    * * *   librenms    /opt/librenms/billing-calculate.php >> /dev/null 2>&1
+*/5  *    * * *   librenms    /opt/librenms/check-services.php >> /dev/null 2>&1
+19   0    * * *   librenms    /opt/librenms/daily.sh >> /dev/null 2>&1
+*    *    * * *   librenms    php /opt/librenms/artisan schedule:run --no-ansi --no-interaction > /dev/null 2>&1

.docker/config/librenms.vhost

@@ -0,0 +1,25 @@
+
+server {
+ listen      18000;
+ listen      [::]:18000;
+ server_name #;
+ root        /opt/librenms/html;
+ index       index.php;
+ auth_basic "restricted";
+ auth_basic_user_file /etc/nginx/htpasswd;
+
+ charset utf-8;
+ gzip on;
+ gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
+ location / {
+  try_files $uri $uri/ /index.php?$query_string;
+ }
+ location ~ [^/]\.php(/|$) {
+  fastcgi_pass unix:/run/php-fpm-librenms.sock;
+  fastcgi_split_path_info ^(.+\.php)(/.+)$;
+  include fastcgi.conf;
+ }
+ location ~ /\.(?!well-known).* {
+  deny all;
+ }
+}

.docker/config/rsyslog.conf

@@ -0,0 +1,87 @@
+# /etc/rsyslog.conf configuration file for rsyslog
+#
+# For more information install rsyslog-doc and see
+# /usr/share/doc/rsyslog-doc/html/configuration/index.html
+#
+# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
+
+
+#################
+#### MODULES ####
+#################
+
+module(load="imuxsock") # provides support for local system logging
+#module(load="immark")  # provides --MARK-- message capability
+
+# provides UDP syslog reception
+module(load="imudp")
+input(type="imudp" port="514")
+
+# provides TCP syslog reception
+module(load="imtcp")
+input(type="imtcp" port="514")
+
+# provides kernel logging support and enable non-kernel klog messages
+module(load="imklog" permitnonkernelfacility="on")
+
+#$template remote-incoming-logs, "/var/log/rsyslog/%HOSTNAME%/%PROGRAMNAME%.log"
+#*.* ?remote-incoming-logs
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Use traditional timestamp format.
+# To enable high precision timestamps, comment out the following line.
+#
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+# Filter duplicated messages
+$RepeatedMsgReduction on
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup root
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+$PrivDropToUser root
+$PrivDropToGroup root
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+################
+### LibreNMS ###
+################
+
+module(load="omprog")
+
+template(name="jetstream"
+    type="string"
+    string= "%fromhost%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%msg:F,32:3%||%$year%-%$month%-%$day% %timegenerated:8:25%||%msg:R,ERE,4,FIELD:(\\s)([0-9][0-9][0-9][0-9][0-9])(\\s)(.+)--end%||tp-link\n")
+
+template(name="librenms"
+    type="string"
+    string= "%HOSTNAME%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timegenerated:8:25%||%msg%||%programname%\n")
+
+if re_match($hostname, '^[0-9]+\\-[0-9]+\\-[0-9]+') then {
+    action(type="omprog"
+    binary="/opt/librenms/syslog.php"
+    template="jetstream")
+    & stop
+} else {
+    action(type="omprog"
+    binary="/opt/librenms/syslog.php"
+    template="librenms")
+    & stop
+}
+#
+# Include all config files in /etc/rsyslog.d/
+#
+#$IncludeConfig /etc/rsyslog.d/*.conf

.docker/config/snmpd.conf

@@ -0,0 +1,5 @@
+rocommunity public 127.0.0.1
+syscontact [email protected]
+extend distro /opt/librenms/Docker/agents/distro
+extend hardware "/bin/cat /sys/devices/virtual/dmi/id/product_name"
+extend manufacturer "/bin/cat /sys/devices/virtual/dmi/id/sys_vendor"

.docker/config/snmptrapd.conf

@@ -0,0 +1,4 @@
+snmpTrapdAddr udp:162,udp6:162
+disableAuthorization yes
+authCommunity log,execute,net public
+traphandle default /opt/librenms/.docker/prgs/trap.sh

.docker/prgs/agents/distro

@@ -0,0 +1,140 @@
+#!/usr/bin/env bash
+# Detects which OS and if it is Linux then it will detect which Linux Distribution.
+
+OS=$(uname -s)
+REV=$(uname -r)
+MACH=$(uname -m)
+
+if [ "${OS}" = "SunOS" ] ; then
+  OS=Solaris
+  ARCH=$(uname -p)
+  OSSTR="${OS} ${REV}(${ARCH} $(uname -v))"
+
+elif [ "${OS}" = "AIX" ] ; then
+  OSSTR="${OS} `oslevel` ($(oslevel -r))"
+
+elif [ "${OS}" = "Linux" ] ; then
+  KERNEL=$(uname -r)
+
+  if [ -f /etc/fedora-release ]; then
+    DIST=$(cat /etc/fedora-release | awk '{print $1}')
+    REV=`cat /etc/fedora-release | sed s/.*release\ // | sed s/\ .*//`
+
+  elif [ -f /etc/redhat-release ] ; then
+    DIST=$(cat /etc/redhat-release | awk '{print $1}')
+    if [ "${DIST}" = "CentOS" ]; then
+      DIST="CentOS"
+      IGNORE_OS_RELEASE=1 # https://bugs.centos.org/view.php?id=8359
+    elif [ "${DIST}" = "CloudLinux" ]; then
+      DIST="CloudLinux"
+    elif [ "${DIST}" = "Mandriva" ]; then
+      DIST="Mandriva"
+      PSEUDONAME=`cat /etc/mandriva-release | sed s/.*\(// | sed s/\)//`
+      REV=`cat /etc/mandriva-release | sed s/.*release\ // | sed s/\ .*//`
+    elif [ -f /etc/oracle-release ]; then
+      DIST="Oracle"
+    elif [ -f /etc/rockstor-release ]; then
+      DIST="Rockstor"
+    else
+      DIST="RedHat"
+    fi
+
+    PSEUDONAME=`cat /etc/redhat-release | sed s/.*\(// | sed s/\)//`
+    REV=`cat /etc/redhat-release | sed s/.*release\ // | sed s/\ .*//`
+
+  elif [ -f /etc/mandrake-release ] ; then
+    DIST='Mandrake'
+    PSEUDONAME=`cat /etc/mandrake-release | sed s/.*\(// | sed s/\)//`
+    REV=`cat /etc/mandrake-release | sed s/.*release\ // | sed s/\ .*//`
+
+  elif [ -f /etc/devuan_version ] ; then
+    DIST="Devuan `cat /etc/devuan_version`"
+    REV=""
+
+  elif [ -f /etc/debian_version ] ; then
+    DIST="Debian `cat /etc/debian_version`"
+    REV=""
+    if [ -f /usr/bin/lsb_release ] ; then
+      ID=`lsb_release -i | awk -F ':' '{print $2}' | sed 's/	//g'`
+    fi
+    if [ "${ID}" = "Raspbian" ] ; then
+      DIST="Raspbian `cat /etc/debian_version`"
+    fi
+    if [ -f /usr/bin/pveversion ]; then
+      DIST="${DIST}/PVE `/usr/bin/pveversion | cut -d '/' -f 2`"
+    fi
+
+  elif [ -f /etc/gentoo-release ] ; then
+    DIST="Gentoo"
+    REV=$(tr -d '[[:alpha:]]' </etc/gentoo-release | tr -d " ")
+
+  elif [ -f /etc/arch-release ] ; then
+    DIST="Arch Linux"
+    REV="" # Omit version since Arch Linux uses rolling releases
+    IGNORE_LSB=1 # /etc/lsb-release would overwrite $REV with "rolling"
+
+  elif [ -f /etc/photon-release ] ; then
+    DIST=$(head -1 < /etc/photon-release)
+    REV=$(sed -n -e 's/^.*PHOTON_BUILD_NUMBER=//p' /etc/photon-release)
+    IGNORE_LSB=1 # photon os does not have /etc/lsb-release nor lsb_release
+
+  elif [ -f /etc/openwrt_version ] ; then
+    DIST="OpenWrt"
+    REV=$(cat /etc/openwrt_version)
+
+  elif [ -f /etc/pld-release ] ; then
+    DIST=$(cat /etc/pld-release)
+    REV=""
+
+  elif [ -f /etc/SuSE-release ] ; then
+    DIST=$(echo SLES $(grep VERSION /etc/SuSE-release | cut -d = -f 2 | tr -d " "))
+    REV=$(echo SP$(grep PATCHLEVEL /etc/SuSE-release | cut -d = -f 2 | tr -d " "))
+  fi
+
+  if [ -x "$(command -v  awk)" ];  then # some distros do not ship with awk
+    if [ "`uname -a | awk '{print $(NF)}'`" = "DD-WRT" ] ; then
+      DIST="dd-wrt"
+    fi
+    if [ "`uname -a | awk '{print $(NF)}'`" = "ASUSWRT-Merlin" ] ; then
+      DIST="ASUSWRT-Merlin"
+      REV=`nvram show | grep buildno= | egrep -o '[0-9].[0-9].[0-9]'` > /dev/null 2>&1
+    fi
+  fi
+
+  # try standardized os version methods
+  if [ -f /etc/os-release -a "${IGNORE_OS_RELEASE}" != 1 ] ; then
+    source /etc/os-release
+    STD_DIST="$NAME"
+    STD_REV="$VERSION_ID"
+  elif [ -f /etc/lsb-release -a "${IGNORE_LSB}" != 1 ] ; then
+    STD_DIST=$(lsb_release -si)
+    STD_REV=$(lsb_release -sr)
+  fi
+  if [ -n "${STD_DIST}" ]; then
+    DIST="${STD_DIST}"
+  fi
+  if [ -n "${STD_REV}" ]; then
+    REV="${STD_REV}"
+  fi
+
+  if [ -n "${REV}" ]; then
+    OSSTR="${DIST} ${REV}"
+  else
+    OSSTR="${DIST}"
+  fi
+
+elif [ "${OS}" = "Darwin" ] ; then
+  if [ -f /usr/bin/sw_vers ] ; then
+    OSSTR=`/usr/bin/sw_vers|grep -v Build|sed 's/^.*:.//'| tr "\n" ' '`
+  fi
+
+elif [ "${OS}" = "FreeBSD" ] ; then
+  DIST=$(cat /etc/version | cut -d'-' -f 1)
+  if [ "${DIST}" = "FreeNAS" ]; then
+    OSSTR=`cat /etc/version | cut -d' ' -f 1`
+  else
+    OSSTR=`/usr/bin/uname -mior`
+  fi
+fi
+
+echo ${OSSTR}